Oval Definition:	oval:org.mitre.oval:def:6831
Revision Date: 2014-10-06 Version: 27 Title: Mozilla Firefox, Thunderbird, and Seamonkey Multiple XSS Vulnerabilities Description: Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2009-1309 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Product(s): Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird Definition Synopsis Check Mozilla Thunderbird version Mozilla Thunderbird Mainline release is installed AND Thunderbird version is less than or equal to 2.0.0.21 OR Check Mozilla Seamonkey version Mozilla Seamonkey is installed AND Seamonkey version is less than or equal to 1.1.16 OR Check Mozilla Firefox version Mozilla Firefox Mainline release is installed AND Firefox version is less than or equal to 3.0.8
BACK